I must be new here, but...

morbiuswilters

@spamcourt said:

Heck, we could just use something like Your World Of Text.

Somebody made a trail and I followed it but it went nowhere.. :(

cheapie

@powerlord said:

And installing it would require Ruby.

 

Yes! We must use the modern web internet technology like [url=http://thedailywtf.com/Articles/Freelance-Fun-with-Dick-and-Jane.aspx]Rubies and Pearls[/url]!

 

aihtdikh

@morbiuswilters said:

@spamcourt said:

Heck, we could just use something like Your World Of Text.

Somebody made a trail and I followed it but it went nowhere.. :(

Huh... for some reason I assumed that you had made that trail.

At least, I was expecting to be visually assaulted with purple dildos at the end.

drurowin

 I'm sorry, Nagesh, but it's very hard to write a dynamic website in just HTML.  You have to have something GENERATE the HTML.  +1 for reading my signature though. :)

morbiuswilters

@drurowin said:

 I'm sorry, Nagesh, but it's very hard to write a dynamic website in just HTML.  You have to have something GENERATE the HTML.  +1 for reading my signature though. :)

You can be forgiven for not knowing this since you're new here, but "Nagesh" is actually an account run by a performance art troupe out of Manhattan. They pretend to be a bungling, inept Indian programmer, in order to highlight Western anxieties and stereotypes regarding globalization and outsourcing.

gaffer1

@MiffTheFox said:

It's like Reddit and Twitter had a ugly mutant baby.

The fact that the web site seems to be unsure whether it's a open source or commercial application is telling enough. (No top-level download, documentation, or installation links, but "fork on Github" button? A "Buy It" button that doesn't actually let you buy it?)

It's a badly documented open source project that's aiming to sell hosting and, I'm guessing from the other info there, consultancy style services.

And yeah, it's not complete, but Atwood's always been more of a publicity whore than anything else. Unfortunately that, not building something better than what the others are offering, is usually the key to success.

Oh, and the reasons for choosing Ruby are actually pretty solid. It's become the boring, easy option for web development.

dkf

@ubersoldat said:

moving this forum to Discuss... or maybe he hates Atwood

But that brings us back to goat blowing, but in a mutated way. Unless they've seriously improved it from the last time I looked, the major fail there was in actually making it easy to read the discussion. (Yeah, who does that these days? Well, me for one most of the time.)

Guest

It's a shame I can't seem to inject CSS.

I wanted to do something like this, perhaps a bit more subtle:

 

<style>
.CommonImageTextButton {
  animation-name: rotatethembuttonsyo; 
  animation-timing-function: linear;
  animation-duration: 600s;
  animation-iteration-count: infinite;
}
.CommonImageTextButton:hover {

transform: rotate(0deg) !important;

transition: transform 0.5s;

}
@keyframes rotatethembuttonsyo {

0% { transform: rotate(0deg); }

25% { transform: rotate(-90deg); }

50% { transform: rotate(-180deg); }

75% { transform: rotate(-270deg); }

100% { transform: rotate(-360deg); }

}</style>

 

dkf

If you're going to do that, also add some stupid flashing “webpage under construction” signs. In memory of Geocities…

morbiuswilters

@Zecc said:

It's a shame I can't seem to inject CSS.

• 

drurowin

All I can think of is "wooooooooow".

cheapie

JavaScript injection into the fancy editor seems to work, but when posted, the noscript section is executed instead...

morbiuswilters

@cheapie said:

JavaScript injection into the fancy editor seems to work, but when posted, the noscript section is executed instead...

TinyMCE is probably just letting you get away with that client-side. Server-side the HTML is stripped down to a whitelisted subset of allowed tags and attributes (albeit, not a small enough subset, as demonstrated all over), and script blocks are pulled out, as are event handlers.

drurowin

 So I've been reading the archives some, with a bottle of Irish cream in one hand, and I'm just in awe.

Can someone clarify a couple of points for me?

1: Was it ever definitively proven if SpectateSwamp was a troll or legitimately insane?

2:  Where is Serguey from?

3: Why is Common Lisp under-represented on these forums?  It's an amazing language.

morbiuswilters

@drurowin said:

1: Was it ever definitively proven if SpectateSwamp was a troll or legitimately insane?

He is definitely insane. Part of why I never much bothered with the Swampie threads, because it was clearly people making fun of a schizophrenic guy.

@drurowin said:

2:  Where is Serguey from?

Kansas.

@drurowin said:

3: Why is Common Lisp under-represented on these forums?  It's an amazing language.

Amazing or not, it's fairly arcane, especially in business.

Ben L.

@morbiuswilters said:

@drurowin said:

1: Was it ever definitively proven if SpectateSwamp was a troll or legitimately insane?

He is definitely insane. Part of why I never much bothered with the Swampie threads, because it was clearly people making fun of a schizophrenic guy.

Come now.

We're all mad here.

Cassidy

@morbiuswilters said:

TinyMCE is probably just letting you get away with that client-side.

 

For all its faults, I'm getting to like TinyMCE more since wrestling with the editor in SharePoint.

By fucking ${deity} in a handbag, that pissed me off in several ways:

• selecting a block of text and hitting the bullets adds a <li> around the whole section, not around each line.
• trying to fix it with newlines and drag/dropping lines is incredibly fiddly
• dragging a line up higher to reorder the list causes the dropped line to become a <li> of that <li>
• a numerical list suddenly decided every item was number 0. Exiting edits returned the numbers back to normal, as did removing the first <li>. Adding it back in flicked them all back to zero again.
  
• text selected with the mouse gets deselected after a brief pause, as though you accidently clicked on something when moving the mouse. Behaviour not reproducible with SHIFT+cursor keys, so that's a workaround
• Occasionally when using some of the inbuilt <span> and <div> styles the cursor seems to stick, meaning arrow up/down doesn't work for several keypresses until it manages to hurdle the invisible box-model borders. I'm guessing the code behind is keeping the cursor in situ whilst it bubbles out through style layers so the boundaries are known should another change be applied.. but it's still annoying.
• The VIEW HTML option doesn't pretty-print (or even syntax-highlight) HTML.  Any tidied formatting is lost upon saving (but I know reasons behind it).
• Div-level elements seem to have random padding (or margin) applied. Sometimes it's difficult to work out if the line spacing is an erroneous newline, padding-top from one heading or padding-bottom from the one above. Trying to reduce the line-height and not make the final presentation completely spaced-out is painful.

I've read a few articles about suggested replacements and how the editor actually works against users in many situations. It ain't just me.

Guest

@Zecc said:

It's a shame I can't seem to inject CSS other than in inline HTML, where I can't use selectors and/or pseudo-selectors.

FTFM.

I like your new "I agree with whatever Morbs just said!", though it'll be weird when the last post on the page is yours.

dhromed

@drurowin said:

Where is Serguey from?

 

Latest theories include Cuba and Azerbeidjan.

drurowin

@morbiuswilters said:

@drurowin said:

3: Why is Common Lisp under-represented on these forums?  It's an amazing language.

Amazing or not, it's fairly arcane, especially in business.

 

I still don't see why most businesses need anything more than emacs.  Lisp is much better than VBA, and emacs is amazingly better than Microsoft Oriface.  Ever tried emacs as a spreadsheet?

morbiuswilters

@Zecc said:

@Zecc said:

It's a shame I can't seem to inject CSS other than in inline HTML, where I can't use selectors and/or pseudo-selectors.

FTFM.

It also whitelists the allowed CSS properties which means you can't even use newer ones--and some older ones, like "position". That's actually surprisingly smart for CS. Of course, it does other stupid shit like letting you set the id attribute. I set a div in my signature to have the same id as the hidden form element that contains all of the tags. Since the code just does something like getElementById(hiddenFormId).value when it wants to get the list of tags, if my post is the first post on the page it will grab my div instead. So if you go to this page (since my post is first) and edit tags on the page and go to "Select Tags" it won't return anything. I wanted to inject my own set of tags but CS strips the "value" attribute from user-supplied HTML.

I do wonder if it's smart enough to strip the old css expression thing.. it only works on IE7 and before, but I used to use that to inject JS into sites. Let's see: Nope, apparently CS strips that, too.

@Zecc said:

I like your new "I agree with whatever Morbs just said!", though it'll be weird when the last post on the page is yours.

I spent a couple of hours on that. The hardest part was reconstructing the bottom part of my post box so it looked normal. If you look at it with Firebug you can see there's a lot of hackery going on to make it look not-like-shit.

Yeah, the bottom-of-the-page thing blows, but whatever. There's only so much you can accomplish with the extremely-constrained subset of CSS that CS allows.

What's interesting is, doing what I did, you could replace an avatar with an animated gif like Blakey was trying to do, but it couldn't be your own from that same post but just the avatar of the post directly below yours. That's because you can only used fixed offsets and the only guaranteed-fixed offset is from the bottom of your post to the top parts of the next post.

I suppose you could get it to work for you own posts if you made sure your posts were always of equal length by wrapping your entire post with a div with a static height attribute and overflow: auto.

morbiuswilters

@dhromed said:

@drurowin said:

Where is Serguey from?

 

Latest theories include Cuba and Azerbeidjan.

People in Cuba are too poor to use the Internet. And that other one is just a fictional place from Harry Potter books.

morbiuswilters

@drurowin said:

I still don't see why most businesses need anything more than emacs.  Lisp is much better than VBA, and emacs is amazingly better than Microsoft Oriface.  Ever tried emacs as a spreadsheet?

-_-

blakeyrat

@morbiuswilters said:

I suppose you could get it to work for you own posts if you made sure your posts were always of equal length by wrapping your entire post with a div with a static height attribute and overflow: auto.

That's pretty much where I gave up. Since my posts range from extremely clever single sentences, to unbelievably witty longer essays, the animated .gif could appear basically anywhere.

Oh well, Godzilla in my sig's good enough.

morbiuswilters

@blakeyrat said:

Since my posts range from extremely clever single sentences, to unbelievably witty longer essays, the animated .gif could appear basically anywhere.

When will CS support JS so we can position our hacks with precision?

aihtdikh

@morbiuswilters said:

@blakeyrat said:

Since my posts range from extremely clever single sentences, to unbelievably witty longer essays, the animated .gif could appear basically anywhere.

When will CS support JS so we can position our hacks with precision?

I agree with whatever Morbs just said!

MiffTheFox

It seems the next nefarious step is to inject content into the next person's post.

aihtdikh

@MiffTheFox said:

It seems the next nefarious step is to inject content into the next person's post.

The <li> bullets in front of every post are amusing. Was that you, Ben L? Or did Morbs inject that into your post?

morbiuswilters

@aihtdikh said:

@MiffTheFox said:

It seems the next nefarious step is to inject content into the next person's post.

The <li> bullets in front of every post are amusing. Was that you, Ben L? Or did Morbs inject that into your post?

That was a result of the "dancing bananas" thing I did above. Since I did it in the middle of my post and I didn't bother matching up all of the tags CS creates on its own, it did that. Fun fact: each post in a thread is its own <li>.

Ben L.

@morbiuswilters said:

@aihtdikh said:

@MiffTheFox said:

It seems the next nefarious step is to inject content into the next person's post.

The <li> bullets in front of every post are amusing. Was that you, Ben L? Or did Morbs inject that into your post?

That was a result of the "dancing bananas" thing I did above. Since I did it in the middle of my post and I didn't bother matching up all of the tags CS creates on its own, it did that. Fun fact: each post in a thread is its own <li>.

Broke that more for you

aihtdikh

@Ben L. said:

@morbiuswilters said:

@aihtdikh said:

@MiffTheFox said:

It seems the next nefarious step is to inject content into the next person's post.

The <li> bullets in front of every post are amusing. Was that you, Ben L? Or did Morbs inject that into your post?

That was a result of the "dancing bananas" thing I did above. Since I did it in the middle of my post and I didn't bother matching up all of the tags CS creates on its own, it did that. Fun fact: each post in a thread is its own <li>.

Oh, the bananas were you! I hadn't traced which post they came from.

Hmm what did you break more, Ben? The main reason I'm replying is to see what happens to the post.

I do see that "Broke that more for you" appears outside the div containing the rest of the message, so it is not included when I Quote Existing Message.

It also completely screws up the Preview tab of the editor; good job!
Edit:Did you simply close an unmatched div?

Ben L.

Dear internet software developers:

Never, EVER, sanitize user input.

Think of all the wonderful things like this topic and the one where we broke CS even more a few years back that you'll be precluding from your software.

morbiuswilters

@Ben L. said:

Dear internet software developers:
Never, EVER, sanitize user input.

Think of all the wonderful things like this topic and the one where we broke CS even more a few years back that you'll be precluding from your software.

The sad thing is, CS actually does sanitize user input. But, while they apparently realized they should close any open tags in user-supplied markup, the general case never occurred to them to make sure the tags always balance; they should have stripped any closing tags that didn't have matching opening tags. Oh well.

MiffTheFox

The best approach to sanitizing HTML I've seen was HTML Purifier's approach: Parse it as HTML, sanatize the resulting DOM objects, then serialize it back to (well-formed) HTML.

rad131304

@dhromed said:

@drurowin said:

I'll have to play with that later, if innocent fun isn't verboten.

 

Outright breaking the forum is where I draw the line, so please don't.

The original thread on some of the CS "attacks" is here

db2

@rad131304 said:

The original thread on some of the CS "attacks" is here

That's the best thread I've ever seen.

Snowyowl

@db2 said:

That's the best thread I've ever seen.

Its beauty is making my cry manly tears.

And by "beauty" I mean "physically painful colour scheme".

 

error

Last time I did this, the mod fixed it in minutes.

Snowyowl

 Morbius, how does your lovely signature work? I've tried my best but it doesn't seem to show up. According to Firebug, there is a speech bubble over the joe.edwards's avatar proclaiming Morbius's superiority, it's just accidentally invisible.

dhromed

Enough with the thread breakage!

MiffTheFox

An idea I came up with the other night for attacking CS is, since it lets you still specify HTML with classes and ids, using the existing site CSS to access properties that CS normally strips, like position and z-index.

Guest

@MiffTheFox said:

An idea I came up with the other night for attacking CS is, since it lets you still specify HTML with classes and ids, using the existing site CSS to access properties that CS normally strips, like position and z-index.

Yeah, I wanted to make my posts start with a reflection of

								        <a href="/forums/AddPost.aspx?ReplyToPostID=323368&amp;Quote=False" mce_href="/forums/AddPost.aspx?ReplyToPostID=323368&amp;Quote=False" class="CommonImageTextButton CommonReplyButton">Reply</a>

Favorites
Contact

								    </div>
								        
								    </div> but unfortunately <code>transform: scaleY(-1)</code> is filtered out.<br><p>&nbsp;</p>

Guest

@MiffTheFox said:

An idea I came up with the other night for attacking CS is, since it lets you still specify HTML with classes and ids, using the existing site CSS to access properties that CS normally strips, like position and z-index.

Check out Morbs' speech balloon, I assume it's under a div classed ".CommonTitleBar" just to have position: relative.

morbiuswilters

@Snowyowl said:

 Morbius, how does your lovely signature work? I've tried my best but it doesn't seem to show up. According to Firebug, there is a speech bubble over the joe.edwards's avatar proclaiming Morbius's superiority, it's just accidentally invisible.

It just uses a relatively-positioned div with an img tag in it. I'm not sure why it wouldn't show up for you--it shows up for me in both Chrome and FF.

morbiuswilters

@Zecc said:

@MiffTheFox said:

An idea I came up with the other night for attacking CS is, since it lets you still specify HTML with classes and ids, using the existing site CSS to access properties that CS normally strips, like position and z-index.

Check out Morbs' speech balloon, I assume it's under a div classed ".CommonTitleBar" just to have position relative.

Exactly.

Ben L.

aihtdikh

Ben L.

aihtdikh

fatbull

@dhromed said:

Enough with the thread breakage!

It... I... But... But my invisible shoulder pangolin said it was all right! Are you saying my invisible shoulder pangolin lied to me? Don't say my invisible shoulder pangolin lied to me! My invisible shoulder pangolin would never lie to me! Never! You hear? NEVER! :(

Unlike those pesky invisible shoulder aliens.